Requesting a check

danatoma
Model visitor
Posts: 361
Registered: 14 Feb 2008 20:05
Location: Praha

#1 Post by danatoma »

Good evening!
I'm here again, this time not with the notebook but with the "box" - I was away from home for about two months, and yesterday I switched on the PC and both sound and picture stutter in videos (e.g. from Prima, Nova and others).
I'm attaching the log from RSIT.
Thank you!!!!

Logfile of random's system information tool 1.09 (written by random/random)
Run by Maminka at 2014-11-27 17:40:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 34 GB (45%) free of 76 GB
Total RAM: 1984 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:40:30, on 27.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Maminka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7197 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe" -Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="2900.0.1650020582\582441449" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="2900.1.1198167638\53180656" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --enable-gpu-rasterization --disable-gpu-compositing --channel="2900.3.990076305\1343941852" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --enable-gpu-rasterization --disable-gpu-compositing --channel="2900.20.1262533493\1114905391" /prefetch:673131151
"C:\Users\Maminka\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe45_ Global\UsGthrCtrlFltPipeMssGthrPipe45 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\Program Files\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-26 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-10 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-26 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-10 171944]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-26 5226600]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-27 17:40:21 ----D---- C:\rsit
2014-11-27 11:44:26 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-11-27 11:44:26 ----A---- C:\Windows\system32\tzres.dll
2014-11-27 11:42:42 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-27 11:42:40 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-26 23:34:25 ----SHD---- C:\Config.Msi
2014-11-26 23:14:41 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-11-26 23:14:41 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-11-26 18:46:31 ----A---- C:\Windows\system32\aswBoot.exe
2014-11-26 18:46:19 ----A---- C:\Windows\avastSS.scr
2014-11-26 18:45:11 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2014-11-26 17:45:04 ----D---- C:\Program Files (x86)\Lavalys
2014-11-26 14:58:28 ----A---- C:\Windows\system32\generaltel.dll
2014-11-26 14:58:27 ----A---- C:\Windows\system32\aepdu.dll
2014-11-26 14:58:26 ----A---- C:\Windows\system32\aeinv.dll
2014-11-26 14:58:23 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-11-26 14:58:23 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-11-26 14:58:13 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-11-26 14:58:13 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-11-26 14:58:13 ----A---- C:\Windows\system32\mscorier.dll
2014-11-26 14:58:13 ----A---- C:\Windows\system32\dfshim.dll
2014-11-26 14:58:12 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-11-26 14:58:12 ----A---- C:\Windows\system32\mscories.dll
2014-11-26 14:58:09 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-11-26 14:58:09 ----A---- C:\Windows\system32\d3d10warp.dll
2014-11-26 14:56:39 ----A---- C:\Windows\system32\termsrv.dll
2014-11-26 14:56:38 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-26 14:56:38 ----A---- C:\Windows\system32\adtschema.dll
2014-11-26 14:56:36 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-26 14:56:36 ----A---- C:\Windows\system32\msaudite.dll
2014-11-26 14:55:35 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-26 14:55:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-26 14:55:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-26 14:55:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-26 14:55:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-26 14:55:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-26 14:55:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-26 14:55:33 ----A---- C:\Windows\system32\iernonce.dll
2014-11-26 14:55:33 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-26 14:55:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-26 14:55:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-26 14:55:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-26 14:55:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-26 14:55:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-26 14:55:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-26 14:55:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-26 14:55:27 ----A---- C:\Windows\system32\urlmon.dll
2014-11-26 14:55:27 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-26 14:55:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-26 14:55:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-26 14:55:24 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-26 14:55:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-26 14:55:24 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-26 14:55:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-26 14:55:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-26 14:55:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-26 14:55:23 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-26 14:55:23 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-26 14:55:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-26 14:55:21 ----A---- C:\Windows\system32\iesetup.dll
2014-11-26 14:55:21 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-26 14:55:19 ----A---- C:\Windows\system32\iertutil.dll
2014-11-26 14:55:17 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-26 14:55:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-26 14:55:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-26 14:55:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-26 14:55:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-26 14:55:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-26 14:55:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-26 14:55:15 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-26 14:55:13 ----A---- C:\Windows\system32\ieui.dll
2014-11-26 14:55:13 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-26 14:55:12 ----A---- C:\Windows\system32\ieframe.dll
2014-11-26 14:55:11 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-26 14:55:11 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-26 14:55:11 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-26 14:55:10 ----A---- C:\Windows\system32\vbscript.dll
2014-11-26 14:55:10 ----A---- C:\Windows\system32\jscript9.dll
2014-11-26 14:55:09 ----A---- C:\Windows\system32\wininet.dll
2014-11-26 14:55:08 ----A---- C:\Windows\system32\msrating.dll
2014-11-26 14:55:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-26 14:55:06 ----A---- C:\Windows\system32\mshtml.dll
2014-11-26 14:54:57 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-26 14:54:57 ----A---- C:\Windows\system32\msxml3.dll
2014-11-26 14:54:56 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-26 14:54:56 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-26 14:54:35 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-11-26 14:54:35 ----A---- C:\Windows\system32\qdvd.dll
2014-11-26 14:54:33 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-26 14:54:32 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-26 14:54:23 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-26 14:54:23 ----A---- C:\Windows\system32\kerberos.dll
2014-11-26 14:54:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-26 14:54:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-26 14:54:21 ----A---- C:\Windows\system32\pku2u.dll
2014-11-26 14:54:20 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-26 14:54:20 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-26 14:54:18 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-26 14:53:58 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-26 14:53:58 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-26 14:53:57 ----A---- C:\Windows\system32\EncDump.dll
2014-11-26 14:53:57 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-26 14:53:57 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-26 14:53:56 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-26 14:53:56 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-26 14:53:56 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-26 14:53:54 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-11-26 14:53:54 ----A---- C:\Windows\system32\rastls.dll
2014-11-26 14:53:44 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-26 14:52:10 ----A---- C:\Windows\system32\schannel.dll
2014-11-26 14:52:09 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-26 14:52:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-26 14:52:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-26 14:52:07 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-26 14:52:07 ----A---- C:\Windows\system32\wdigest.dll
2014-11-26 14:52:07 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-26 14:52:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-26 14:52:06 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-26 14:52:05 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-26 14:52:04 ----A---- C:\Windows\system32\credssp.dll
2014-11-26 14:52:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-26 14:50:55 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-26 14:50:55 ----A---- C:\Windows\system32\packager.dll
2014-11-26 14:50:26 ----A---- C:\Windows\system32\winsta.dll
2014-11-26 14:50:25 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-11-26 14:50:24 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-11-26 14:50:23 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-11-26 14:50:22 ----A---- C:\Windows\system32\winlogon.exe
2014-11-26 14:50:13 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-11-26 14:48:41 ----A---- C:\Windows\system32\win32k.sys
2014-11-26 14:48:33 ----A---- C:\Windows\system32\msi.dll
2014-11-26 14:48:32 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-26 14:47:43 ----A---- C:\Windows\system32\mstscax.dll
2014-11-26 14:47:33 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-11-26 13:59:49 ----HD---- C:\ProgramData\CanonIJScan
2014-11-26 13:59:35 ----D---- C:\Users\Maminka\AppData\Roaming\Canon

======List of files/folders modified in the last 1 month======

2014-11-27 17:40:31 ----D---- C:\Windows\Prefetch
2014-11-27 17:40:26 ----D---- C:\Program Files\trend micro
2014-11-27 17:40:18 ----D---- C:\Windows\Temp
2014-11-27 15:32:08 ----D---- C:\Windows\system32\config
2014-11-27 15:03:02 ----D---- C:\Windows\winsxs
2014-11-27 15:01:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-27 15:01:43 ----D---- C:\Windows\SysWOW64
2014-11-27 15:01:43 ----D---- C:\Windows\system32\cs-CZ
2014-11-27 15:01:43 ----D---- C:\Windows\System32
2014-11-27 13:06:05 ----SHD---- C:\System Volume Information
2014-11-27 11:43:39 ----D---- C:\Windows\system32\catroot
2014-11-27 11:43:38 ----D---- C:\Windows\system32\catroot2
2014-11-27 11:23:20 ----D---- C:\Windows\Microsoft.NET
2014-11-27 11:01:39 ----RSD---- C:\Windows\assembly
2014-11-27 09:19:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-27 09:18:57 ----D---- C:\Windows\inf
2014-11-27 09:08:27 ----D---- C:\Windows\system32\drivers
2014-11-27 09:05:25 ----SD---- C:\Windows\system32\CompatTel
2014-11-27 09:05:16 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-27 09:05:16 ----D---- C:\Program Files\Internet Explorer
2014-11-27 09:05:13 ----D---- C:\Windows\system32\en-US
2014-11-27 09:05:11 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-27 00:08:59 ----SHD---- C:\Windows\Installer
2014-11-26 23:57:51 ----D---- C:\ProgramData\Microsoft Help
2014-11-26 23:35:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-11-26 23:27:47 ----D---- C:\Windows\system32\MRT
2014-11-26 18:49:34 ----D---- C:\Windows\system32\DriverStore
2014-11-26 18:46:53 ----D---- C:\Windows\system32\Tasks
2014-11-26 18:46:30 ----D---- C:\Windows
2014-11-26 17:45:04 ----RD---- C:\Program Files (x86)
2014-11-26 13:59:49 ----HD---- C:\ProgramData
2014-11-26 13:53:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-26 13:39:36 ----D---- C:\Windows\Tasks
2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-31 23:26:42 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-11-26 449936]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-26 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-26 267632]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 videX64;videX64; C:\Windows\system32\DRIVERS\videX64.sys [2010-02-11 15000]
R0 xfiltx64;VIA SATA IDE Hot-plug Driver; C:\Windows\system32\DRIVERS\xfiltx64.sys [2010-02-11 26776]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-11-26 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-26 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-26 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-26 436624]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-26 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-26 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-26 116728]
R3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fet6x64.sys [2009-06-10 47872]
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2009-04-30 588952]
R3 VIAudio;VIA AC'97 Audio Controller; C:\Windows\system32\drivers\ac97via.sys [2008-01-03 93696]
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-04-23 119512]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-26 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-11-26 104416]
R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-08 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
Thank you!
Danica Tomášková

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: requesting a check

#2 Post by Roli »

Hello, in Task Scheduler disable Google Update; it will be listed there several times.


Go to Start >> All Programs >> Accessories >> Run >> type services.msc >> Enter. Find the services:

Služba Google Update (gupdate)
Služba Google Update (gupdatem)


Double-clicking opens the properties tab, where you first stop the service with the Stop button; then under Startup type select Disabled and click OK.


Delete unneeded files

using CCleaner

guide:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click to run it,

a window appears; in its top left click Scan.

Then the scan runs, and when it finishes click Report and copy what it gives you here for me.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

danatoma
Model Visitor
Posts: 361
Registered: 14 Feb 2008 20:05
Location: Prague

Re: requesting a check

#3 Post by danatoma »

This is what it gave me:
# AdwCleaner v4.102 - Report created 27/11/2014 at 18:38:31
# Updated 23/11/2014 by Xplode
# Database : 2014-11-27.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Maminka - MAMINKA-PC
# Running from : C:\Users\Maminka\Desktop\adwcleaner_4.102.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files\Search
Folder Found : C:\ProgramData\drivergenius
Folder Found : C:\Users\Public\Documents\drivergenius

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v39.0.2171.71

[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://mystart.incredimail.com//?loc=GC_Default_Search&search={searchTerms}&a=1jSpzHSOPSc
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}

*************************

AdwCleaner[R0].txt - [972 octets] - [23/04/2014 09:57:14]
AdwCleaner[R1].txt - [1031 octets] - [23/04/2014 10:03:09]
AdwCleaner[R2].txt - [2001 octets] - [27/11/2014 18:38:31]
AdwCleaner[S0].txt - [1103 octets] - [23/04/2014 10:06:47]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2121 octets] ##########

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: requesting a check

#4 Post by Roli »

Run AdwCleaner again, but this time click Clean,

the PC will restart, during which the junk gets deleted.

Then copy the Report here for me again.


Then write how the PC is doing, and we'll continue if needed.

danatoma
Model Visitor
Posts: 361
Registered: 14 Feb 2008 20:05
Location: Prague

Re: requesting a check

#5 Post by danatoma »

done according to the instructions...

# AdwCleaner v4.102 - Report created 27/11/2014 at 22:43:46
# Updated 23/11/2014 by Xplode
# Database : 2014-11-27.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Maminka - MAMINKA-PC
# Running from : C:\Users\Maminka\Desktop\adwcleaner_4.102.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\drivergenius
[!] Folder Deleted : C:\Program Files\Search
Folder Deleted : C:\Users\Public\Documents\drivergenius

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v39.0.2171.71

[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredimail.com//?loc=GC_Default_Search&search={searchTerms}&a=1jSpzHSOPSc
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}

-\\ Opera v0.0.0.0

[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredimail.com//?loc=GC_Default_Search&search={searchTerms}&a=1jSpzHSOPSc
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}
[C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1416147195&from=cvs&uid=WDCXWD1600BEVT-22ZCT0_WD-WXCZ0800008200082&q={searchTerms}

*************************

AdwCleaner[R0].txt - [972 octets] - [23/04/2014 09:57:14]
AdwCleaner[R1].txt - [1031 octets] - [23/04/2014 10:03:09]
AdwCleaner[R2].txt - [2201 octets] - [27/11/2014 18:38:31]
AdwCleaner[R3].txt - [2285 octets] - [27/11/2014 22:39:48]
AdwCleaner[S0].txt - [1103 octets] - [23/04/2014 10:06:47]
AdwCleaner[S1].txt - [3361 octets] - [27/11/2014 22:43:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3421 octets] ##########



The videos didn't improve much. But when one plays for a longer time - say about half an hour - it suddenly stops stuttering and both sound and picture are completely fine....
So for now - thanks, and I'll continue tomorrow - I'm tired and might mess up more than I'd fix.
ROLI, THANKS AND GOOD NIGHT :worship:

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: requesting a check

#6 Post by Roli »

So let's go deeper just to be sure, and then we'll take a look at the hardware.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking YES,

then click YES once more and it's running.

The whole thing takes around 10 minutes but can take longer; during the scan don't try to run anything else.

During scanning the PC may also be restarted, don't be alarmed.

Warning: for the duration of the scan turn off the resident shield of your antivirus and antispyware program,

because Combofix tries to delete infected files and these programs can get in its way.

After the scan finishes or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


In case anything is unclear, there is an illustrated guide HERE.


Use AIDA

It's a trial, but it will serve our purpose.

Install it >> run it >> click Computer >> then Summary,

at the top of the application click Report, choose Quick Report >> Plain Text

and copy everything up to Network: here for me; I'll take a look at what can be done with it.

danatoma
Model Visitor
Posts: 361
Registered: 14 Feb 2008 20:05
Location: Prague

Re: requesting a check

#7 Post by danatoma »

Hello, ROLI - so here is the ComboFix report, and I'm off to carry out the next instruction - AIDA :)
ComboFix 14-11-25.01 - Maminka 28.11.2014 18:34:30.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1984.1151 [GMT 1:00]
Spuštěný z: c:\users\Maminka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-28 do 2014-11-28 )))))))))))))))))))))))))))))))
.
.
2014-11-28 18:30 . 2014-11-28 18:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-28 17:19 . 2014-11-28 17:19 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0A24268-057A-4E54-9154-AEE687F22A5D}\offreg.dll
2014-11-28 12:30 . 2014-11-17 01:08 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0A24268-057A-4E54-9154-AEE687F22A5D}\mpengine.dll
2014-11-27 21:45 . 2014-11-27 21:45 -------- d-----w- c:\program files\Search
2014-11-27 18:46 . 2014-11-27 18:46 -------- d-----w- c:\users\Maminka\AppData\Roaming\Opera Software
2014-11-27 18:46 . 2014-11-27 18:46 -------- d-----w- c:\users\Maminka\AppData\Local\Opera Software
2014-11-27 18:45 . 2014-11-27 18:49 -------- d-----w- c:\program files (x86)\Opera
2014-11-27 16:40 . 2014-11-27 16:40 -------- d-----w- C:\rsit
2014-11-27 16:08 . 2014-11-27 16:08 -------- d-sh--w- c:\users\Maminka\AppData\Local\EmieBrowserModeList
2014-11-27 10:44 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-11-27 10:44 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-11-27 10:42 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-27 10:42 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-26 22:14 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-11-26 22:14 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-11-26 17:46 . 2014-11-26 17:46 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-26 17:46 . 2014-11-26 17:46 43152 ----a-w- c:\windows\avastSS.scr
2014-11-26 17:45 . 2014-11-26 17:45 449936 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2014-11-26 16:45 . 2014-11-26 16:45 -------- d-----w- c:\program files (x86)\Lavalys
2014-11-26 13:56 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-11-26 13:56 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-26 13:56 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-26 13:56 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-26 13:56 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-11-26 13:54 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-26 13:53 . 2014-10-03 02:12 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-11-26 13:53 . 2014-10-03 01:44 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-11-26 13:53 . 2014-10-03 02:11 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-11-26 13:53 . 2014-10-03 02:11 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-11-26 13:53 . 2014-10-03 02:11 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-11-26 13:53 . 2014-10-03 02:11 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-11-26 13:53 . 2014-10-03 01:44 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-11-26 13:53 . 2014-10-03 01:44 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2014-11-26 13:53 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2014-11-26 13:53 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll
2014-11-26 13:53 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2014-11-26 13:52 . 2014-09-19 09:42 342016 ----a-w- c:\windows\system32\schannel.dll
2014-11-26 13:52 . 2014-09-19 09:42 309760 ----a-w- c:\windows\system32\ncrypt.dll
2014-11-26 13:52 . 2014-09-19 09:23 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-11-26 13:52 . 2014-09-19 09:23 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-11-26 13:52 . 2014-09-19 09:42 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-11-26 13:52 . 2014-09-19 09:42 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-11-26 13:52 . 2014-09-19 09:23 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-11-26 13:52 . 2014-09-19 09:42 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-11-26 13:52 . 2014-09-19 09:23 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-11-26 13:52 . 2014-09-19 09:23 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-11-26 13:52 . 2014-09-19 09:42 22016 ----a-w- c:\windows\system32\credssp.dll
2014-11-26 13:52 . 2014-09-19 09:23 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-11-26 13:50 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-26 13:50 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-26 13:50 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll
2014-11-26 13:50 . 2014-07-17 01:40 157696 ----a-w- c:\windows\SysWow64\winsta.dll
2014-11-26 13:50 . 2014-07-17 01:21 212480 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-11-26 13:50 . 2014-07-17 02:07 150528 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-11-26 13:50 . 2014-07-17 02:07 455168 ----a-w- c:\windows\system32\winlogon.exe
2014-11-26 13:50 . 2014-07-17 01:21 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-11-26 13:48 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-26 13:48 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-26 13:48 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-26 13:47 . 2014-09-05 02:11 6584320 ----a-w- c:\windows\system32\mstscax.dll
2014-11-26 13:47 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-11-26 12:59 . 2014-11-26 12:59 -------- d--h--w- c:\programdata\CanonIJScan
2014-11-26 12:59 . 2014-11-26 12:59 -------- d-----w- c:\users\Maminka\AppData\Roaming\Canon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-27 17:14 . 2014-04-07 12:11 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-27 17:14 . 2014-04-07 12:11 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-26 17:47 . 2014-04-22 22:01 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-26 17:46 . 2014-04-22 22:01 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-26 17:46 . 2014-04-22 22:01 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-26 17:46 . 2014-04-22 22:01 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-26 17:46 . 2014-04-22 22:01 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-26 17:46 . 2014-04-22 22:01 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-26 17:46 . 2014-04-22 22:01 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-26 17:46 . 2014-04-22 22:01 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-26 17:45 . 2014-04-22 22:01 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-11-04 13:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-31 22:26 . 2014-04-07 23:15 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-09-19 09:23 . 2014-11-26 13:52 248832 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-26 5226600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 videX64;videX64;c:\windows\system32\DRIVERS\videX64.sys;c:\windows\SYSNATIVE\DRIVERS\videX64.sys [x]
S0 xfiltx64;VIA SATA IDE Hot-plug Driver;c:\windows\system32\DRIVERS\xfiltx64.sys;c:\windows\SYSNATIVE\DRIVERS\xfiltx64.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-26 13:59 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-07 17:14]
.
2014-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07 12:50]
.
2014-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07 12:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-26 17:46 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-11-28 19:36:01
ComboFix-quarantined-files.txt 2014-11-28 18:36
.
Před spuštěním: Volných bajtů: 35 318 140 928
Po spuštění: Volných bajtů: 34 766 336 000
.
- - End Of File - - 1B56E26EFAB896B2E5DB780B28BAE580
A36C5E4F47E84449FF07ED3517B43A31
Thank you!
Danica Tomášková

danatoma
Exemplary visitor
Posts: 361
Registered: 14 Feb 2008 20:05
Location: Praha

Re: please check

#8 Post by danatoma »

ADDING AIDA:
Verze AIDA64 v4.70.3200/cz
Modul benchmarku 4.1.622-x64
Domovská stránka http://www.aida64.com/
Typ zprávy Rychlá zpráva [ TRIAL VERSION ]
Počítač MAMINKA-PC
Vytvořil Maminka
Operační systém Microsoft Windows 7 Home Premium 6.1.7601.18409 (Win7 RTM)
Datum 2014-11-28
Čas 19:45


--------[ Přehled ]-----------------------------------------------------------------------------------------------------

Počítač:
Typ počítače ACPI x64-based PC
Operační systém Microsoft Windows 7 Home Premium
Aktualizace Service pack [ TRIAL VERSION ]
Internet Explorer 11.0.9600.17420
DirectX DirectX 11.1
Jméno počítače MAMINKA-PC
Jméno uživatele Maminka
Přihlašovací doména [ TRIAL VERSION ]
Datum / Čas 2014-11-28 / 19:45

Základní deska:
Typ CPU AMD Sempron, 1800 MHz (9 x 200) 3000+
Název základní desky MSI K8MM3-V (MS-7181 v1.0) (3 PCI, 1 AGP, 2 DDR DIMM, Audio, Video, LAN)
Čipová sada základní desky VIA VT8380 K8M800, AMD Hammer
Pracovní paměť [ TRIAL VERSION ]
DIMM1: A-Data 1 GB PC3200 DDR SDRAM (3.0-3-3-8 @ 200 MHz) (2.5-3-3-7 @ 166 MHz)
DIMM2: A-Data [ TRIAL VERSION ]
Typ BIOSu Award (01/17/06)
Komunikační porty (COM a LPT) Komunikační port (COM1)
Komunikační porty (COM a LPT) Komunikační port (COM2)
Komunikační porty (COM a LPT) Port tiskárny (LPT1)

Zobrazení:
Grafický adaptér Standardn grafick adaptr s rozlienm VGA (64 MB)
3D-akcelerátor VIA/S3G UniChrome Pro
Monitor Acer V193 [19" LCD] (LDQ0C0914085)

Multimédia:
Zvukový adaptér VIA VT1617A @ VIA AC'97 Enhanced Audio Controller

Nosiče dat:
Ovladač IDE VIA Bus Master IDE Controller - 0571
Ovladač IDE VIA Serial ATA Controller - 3149
Disketová jednotka Disketová jednotka
Disková jednotka ST3802110A ATA Device (80 GB, 7200 RPM, Ultra-ATA/100)
Optická jednotka _NEC DVD_RW ND-4570A ATA Device (DVD+R9:8x, DVD-R9:6x, DVD+RW:16x/8x, DVD-RW:16x/8x, DVD-RAM:5x, DVD-ROM:16x, CD:48x/32x/48x DVD+RW/DVD-RW/DVD-RAM)
Stav SMART pevného disku OK

Oddíly:
C: (NTFS) [ TRIAL VERSION ]
Celková velikost [ TRIAL VERSION ]

Vstupní zařízení:
Klávesnice Standardní klávesnice PS/2
Myš Myš kompatibilní s portem PS/2

Síť:
Primární adresa IP [ TRIAL VERSION ]
Primární adresa MAC 00-16-17-17-16-C8
Síťový adaptér VIA Rhine II Compatible Fast Ethernet Adapter (94.1 [ TRIAL VERSION ])

==============================

AIDA is something like what I have on the PC - EVEREST Ultimate...
Thank you!
Danica Tomášková

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: ČR

Re: please check

#9 Post by Roli »

danatoma wrote: AIDA is something like what I have on the PC - EVEREST Ultimate...
Yes, it is the successor to Everest.

Uninstall Mbam.

If you have not already done so, move Combofix to the desktop,

open Notepad,

and copy the script from the following box into it:

Code:

RegLock:: 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the created script with the left mouse button and drag it over the Combofix icon, where you drop it:

[Image]

After it has been applied, another log will pop out; copy it here.

Warning: it may happen that Windows does not start after the script is applied and the machine restarts,

in that case restart again while pressing F8, then choose Last Known Good Configuration.



I also wanted to find you newer drivers for the graphics and the sound card, but there is a problem:

the motherboard does not officially support Windows 7 :( so there are only Vista drivers, and I would rather not shove those in.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

danatoma
Exemplary visitor
Posts: 361
Registered: 14 Feb 2008 20:05
Location: Praha

Re: please check

#10 Post by danatoma »

Thanks, I have also already found out that it would most likely need a new motherboard. But is it worth buying the most expensive tyres for an old "Trabant"? I will simply keep driving it until it gives out and then buy a new box.

So here is the new log:
ComboFix 14-11-25.01 - Maminka 30.11.2014 17:23:41.2.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1984.1293 [GMT 1:00]
Spuštěný z: c:\users\Maminka\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-28 do 2014-11-30 )))))))))))))))))))))))))))))))
.
.
2014-11-30 17:16 . 2014-11-30 17:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-28 18:41 . 2014-11-28 18:41 -------- d-----w- c:\program files (x86)\FinalWire
2014-11-28 17:19 . 2014-11-28 17:19 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0A24268-057A-4E54-9154-AEE687F22A5D}\offreg.dll
2014-11-28 12:30 . 2014-11-17 01:08 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0A24268-057A-4E54-9154-AEE687F22A5D}\mpengine.dll
2014-11-27 21:45 . 2014-11-27 21:45 -------- d-----w- c:\program files\Search
2014-11-27 18:46 . 2014-11-27 18:46 -------- d-----w- c:\users\Maminka\AppData\Roaming\Opera Software
2014-11-27 18:46 . 2014-11-27 18:46 -------- d-----w- c:\users\Maminka\AppData\Local\Opera Software
2014-11-27 18:45 . 2014-11-27 18:49 -------- d-----w- c:\program files (x86)\Opera
2014-11-27 16:40 . 2014-11-27 16:40 -------- d-----w- C:\rsit
2014-11-27 16:08 . 2014-11-27 16:08 -------- d-sh--w- c:\users\Maminka\AppData\Local\EmieBrowserModeList
2014-11-27 10:44 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-11-27 10:44 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-11-27 10:42 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-27 10:42 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-26 22:14 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-11-26 22:14 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-11-26 17:46 . 2014-11-26 17:46 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-26 17:46 . 2014-11-26 17:46 43152 ----a-w- c:\windows\avastSS.scr
2014-11-26 17:45 . 2014-11-26 17:45 449936 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2014-11-26 16:45 . 2014-11-26 16:45 -------- d-----w- c:\program files (x86)\Lavalys
2014-11-26 13:56 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-11-26 13:56 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-26 13:56 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-26 13:56 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-26 13:56 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-11-26 13:54 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-26 13:53 . 2014-10-03 02:12 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-11-26 13:53 . 2014-10-03 01:44 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-11-26 13:53 . 2014-10-03 02:11 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-11-26 13:53 . 2014-10-03 02:11 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-11-26 13:53 . 2014-10-03 02:11 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-11-26 13:53 . 2014-10-03 02:11 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-11-26 13:53 . 2014-10-03 01:44 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-11-26 13:53 . 2014-10-03 01:44 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2014-11-26 13:53 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2014-11-26 13:53 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll
2014-11-26 13:53 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2014-11-26 13:52 . 2014-09-19 09:42 342016 ----a-w- c:\windows\system32\schannel.dll
2014-11-26 13:52 . 2014-09-19 09:42 309760 ----a-w- c:\windows\system32\ncrypt.dll
2014-11-26 13:52 . 2014-09-19 09:23 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-11-26 13:52 . 2014-09-19 09:23 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-11-26 13:52 . 2014-09-19 09:42 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-11-26 13:52 . 2014-09-19 09:42 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-11-26 13:52 . 2014-09-19 09:23 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-11-26 13:52 . 2014-09-19 09:42 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-11-26 13:52 . 2014-09-19 09:23 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-11-26 13:52 . 2014-09-19 09:23 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-11-26 13:52 . 2014-09-19 09:42 22016 ----a-w- c:\windows\system32\credssp.dll
2014-11-26 13:52 . 2014-09-19 09:23 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-11-26 13:50 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-26 13:50 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-26 13:50 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll
2014-11-26 13:50 . 2014-07-17 01:40 157696 ----a-w- c:\windows\SysWow64\winsta.dll
2014-11-26 13:50 . 2014-07-17 01:21 212480 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-11-26 13:50 . 2014-07-17 02:07 150528 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-11-26 13:50 . 2014-07-17 02:07 455168 ----a-w- c:\windows\system32\winlogon.exe
2014-11-26 13:50 . 2014-07-17 01:21 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-11-26 13:48 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-26 13:48 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-26 13:48 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-26 13:47 . 2014-09-05 02:11 6584320 ----a-w- c:\windows\system32\mstscax.dll
2014-11-26 13:47 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-11-26 12:59 . 2014-11-26 12:59 -------- d--h--w- c:\programdata\CanonIJScan
2014-11-26 12:59 . 2014-11-26 12:59 -------- d-----w- c:\users\Maminka\AppData\Roaming\Canon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-27 17:14 . 2014-04-07 12:11 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-27 17:14 . 2014-04-07 12:11 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-26 17:47 . 2014-04-22 22:01 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-26 17:46 . 2014-04-22 22:01 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-26 17:46 . 2014-04-22 22:01 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-26 17:46 . 2014-04-22 22:01 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-26 17:46 . 2014-04-22 22:01 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-26 17:46 . 2014-04-22 22:01 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-26 17:46 . 2014-04-22 22:01 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-26 17:46 . 2014-04-22 22:01 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-26 17:45 . 2014-04-22 22:01 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-11-04 13:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-31 22:26 . 2014-04-07 23:15 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-09-19 09:23 . 2014-11-26 13:52 248832 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-26 5226600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 videX64;videX64;c:\windows\system32\DRIVERS\videX64.sys;c:\windows\SYSNATIVE\DRIVERS\videX64.sys [x]
S0 xfiltx64;VIA SATA IDE Hot-plug Driver;c:\windows\system32\DRIVERS\xfiltx64.sys;c:\windows\SYSNATIVE\DRIVERS\xfiltx64.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-26 13:59 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-07 17:14]
.
2014-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07 12:50]
.
2014-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07 12:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-26 17:46 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-11-30 18:21:41
ComboFix-quarantined-files.txt 2014-11-30 17:21
ComboFix2.txt 2014-11-28 18:36
.
Před spuštěním: Volných bajtů: 36 744 273 920
Po spuštění: Volných bajtů: 36 501 188 608
.
- - End Of File - - DE20ECFA2C2297F20D6D872028E4EAB9
A36C5E4F47E84449FF07ED3517B43A31
Thank you!
Danica Tomášková

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: ČR

Re: please check

#11 Post by Roli »

danatoma wrote: Thanks, I have also already found out that it would most likely need a new motherboard. But is it worth buying the most expensive tyres for an old "Trabant"? I will simply keep driving it until it gives out and then buy a new box.
A sensible solution :thumbsup:


Otherwise there is a small problem: the action with the script did not succeed, ComboFix merely ran again.

So please, one more attempt.

danatoma
Exemplary visitor
Posts: 361
Registered: 14 Feb 2008 20:05
Location: Praha

Re: please check

#12 Post by danatoma »

This time, I hope, I did it correctly :)
ComboFix 14-12-01.01 - Maminka 01.12.2014 17:56:23.3.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1984.1202 [GMT 1:00]
Spuštěný z: c:\users\Maminka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Maminka\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-01 do 2014-12-01 )))))))))))))))))))))))))))))))
.
.
2014-12-01 17:47 . 2014-12-01 17:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-28 18:41 . 2014-11-28 18:41 -------- d-----w- c:\program files (x86)\FinalWire
2014-11-28 17:19 . 2014-11-28 17:19 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0A24268-057A-4E54-9154-AEE687F22A5D}\offreg.dll
2014-11-28 12:30 . 2014-11-17 01:08 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0A24268-057A-4E54-9154-AEE687F22A5D}\mpengine.dll
2014-11-27 21:45 . 2014-11-27 21:45 -------- d-----w- c:\program files\Search
2014-11-27 18:46 . 2014-11-27 18:46 -------- d-----w- c:\users\Maminka\AppData\Roaming\Opera Software
2014-11-27 18:46 . 2014-11-27 18:46 -------- d-----w- c:\users\Maminka\AppData\Local\Opera Software
2014-11-27 18:45 . 2014-11-27 18:49 -------- d-----w- c:\program files (x86)\Opera
2014-11-27 16:40 . 2014-11-27 16:40 -------- d-----w- C:\rsit
2014-11-27 16:08 . 2014-11-27 16:08 -------- d-sh--w- c:\users\Maminka\AppData\Local\EmieBrowserModeList
2014-11-27 10:44 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-11-27 10:44 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-11-27 10:42 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-27 10:42 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-26 22:14 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-11-26 22:14 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-11-26 17:46 . 2014-11-26 17:46 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-26 17:46 . 2014-11-26 17:46 43152 ----a-w- c:\windows\avastSS.scr
2014-11-26 17:45 . 2014-11-26 17:45 449936 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2014-11-26 16:45 . 2014-11-26 16:45 -------- d-----w- c:\program files (x86)\Lavalys
2014-11-26 13:56 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-11-26 13:56 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-26 13:56 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-26 13:56 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-26 13:56 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-11-26 13:54 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-26 13:53 . 2014-10-03 02:12 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-11-26 13:53 . 2014-10-03 01:44 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-11-26 13:53 . 2014-10-03 02:11 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-11-26 13:53 . 2014-10-03 02:11 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-11-26 13:53 . 2014-10-03 02:11 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-11-26 13:53 . 2014-10-03 02:11 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-11-26 13:53 . 2014-10-03 01:44 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-11-26 13:53 . 2014-10-03 01:44 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2014-11-26 13:53 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2014-11-26 13:53 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll
2014-11-26 13:53 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2014-11-26 13:52 . 2014-09-19 09:42 342016 ----a-w- c:\windows\system32\schannel.dll
2014-11-26 13:52 . 2014-09-19 09:42 309760 ----a-w- c:\windows\system32\ncrypt.dll
2014-11-26 13:52 . 2014-09-19 09:23 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-11-26 13:52 . 2014-09-19 09:23 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-11-26 13:52 . 2014-09-19 09:42 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-11-26 13:52 . 2014-09-19 09:42 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-11-26 13:52 . 2014-09-19 09:23 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-11-26 13:52 . 2014-09-19 09:42 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-11-26 13:52 . 2014-09-19 09:23 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-11-26 13:52 . 2014-09-19 09:23 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-11-26 13:52 . 2014-09-19 09:42 22016 ----a-w- c:\windows\system32\credssp.dll
2014-11-26 13:52 . 2014-09-19 09:23 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-11-26 13:50 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-26 13:50 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-26 13:50 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll
2014-11-26 13:50 . 2014-07-17 01:40 157696 ----a-w- c:\windows\SysWow64\winsta.dll
2014-11-26 13:50 . 2014-07-17 01:21 212480 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-11-26 13:50 . 2014-07-17 02:07 150528 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-11-26 13:50 . 2014-07-17 02:07 455168 ----a-w- c:\windows\system32\winlogon.exe
2014-11-26 13:50 . 2014-07-17 01:21 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-11-26 13:48 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-26 13:48 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-26 13:48 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-26 13:47 . 2014-09-05 02:11 6584320 ----a-w- c:\windows\system32\mstscax.dll
2014-11-26 13:47 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-11-26 12:59 . 2014-11-26 12:59 -------- d--h--w- c:\programdata\CanonIJScan
2014-11-26 12:59 . 2014-11-26 12:59 -------- d-----w- c:\users\Maminka\AppData\Roaming\Canon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-27 17:14 . 2014-04-07 12:11 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-27 17:14 . 2014-04-07 12:11 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-26 17:47 . 2014-04-22 22:01 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-26 17:46 . 2014-04-22 22:01 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-26 17:46 . 2014-04-22 22:01 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-26 17:46 . 2014-04-22 22:01 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-26 17:46 . 2014-04-22 22:01 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-26 17:46 . 2014-04-22 22:01 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-26 17:46 . 2014-04-22 22:01 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-26 17:46 . 2014-04-22 22:01 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-26 17:45 . 2014-04-22 22:01 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-11-04 13:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-31 22:26 . 2014-04-07 23:15 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-09-19 09:23 . 2014-11-26 13:52 248832 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-26 5226600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 videX64;videX64;c:\windows\system32\DRIVERS\videX64.sys;c:\windows\SYSNATIVE\DRIVERS\videX64.sys [x]
S0 xfiltx64;VIA SATA IDE Hot-plug Driver;c:\windows\system32\DRIVERS\xfiltx64.sys;c:\windows\SYSNATIVE\DRIVERS\xfiltx64.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-26 13:59 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-07 17:14]
.
2014-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07 12:50]
.
2014-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-07 12:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-26 17:46 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2014-12-01 18:52:48
ComboFix-quarantined-files.txt 2014-12-01 17:52
ComboFix2.txt 2014-11-30 17:21
ComboFix3.txt 2014-11-28 18:36
.
Před spuštěním: Volných bajtů: 36 404 293 632
Po spuštění: Volných bajtů: 36 212 834 304
.
- - End Of File - - 80B569E82A2751868AD692CE520DA025
A36C5E4F47E84449FF07ED3517B43A31
Thank you!
Danica Tomášková

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Requesting a check

#13 Post by Roli »

danatoma wrote: Now, I hope, I have done it correctly :)
:thumbsup:

Via Start >> Run, copy this into the window:

ComboFix /Uninstall

and press Enter.

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers of the applications we used.

Just stop your antivirus before downloading it and while using it, because the antivirus may detect it as a virus, but that is not the case.


Next, if you dare to open the PC case, use compressed air to remove any dust from all the components (if there is any, I recommend blowing it out outdoors).


Then let me know what state the PC is in.


P.S. Also try those videos in a different browser.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Requesting a check

#14 Post by cernohous13 »

Greetings,
I hope my colleague will forgive my intrusion :oops:

I have had the same experience after updating Avast to ver. 2015.
How does it run for you after turning off the Avast shields :?:
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure according to it.
If anything is unclear, ask - I will explain.

danatoma
Exemplary visitor
Posts: 361
Registered: 14 Feb 2008 20:05
Location: Prague

Re: Requesting a check

#15 Post by danatoma »

For ROLI:
Everything has been done according to the instructions.
The box was blown out with a compressor sometime in September, so it is clean in there.

I also tried IE11, and there it is mainly the ads shown with the videos that run fine.
It seems to me that it stutters less, and late in the evening it even feels like the videos run fine.

Simply put, the old fellow is trying, and I will grant him some more time.

THANK YOU VERY, VERY MUCH FOR THE HELP. :wub:


FOR ČERNOHOUS13
I tried running it with AVAST turned off and it is the same.

As I wrote, grandpa is trying, but he is nearing the end of his service....

ONCE AGAIN, A BIG THANK YOU!!!! :thumbsup:
Thank you!
Danica Tomášková

Locked